openinfra/openstackid
Code Issues Proposed changes

Allow to change email without change openid url

Browse Source 
now code uses Member.ID instead of Member.Email as
external identifier.

Change-Id: Ic405f3e142d84749335d832f944abffc87ccdd11
Closes-Bug: 2000239
This commit is contained in:
Sebastian Marcet 2015-03-17 17:00:16 -03:00
parent 785147929f
commit 6a0196376e
13 changed files with 184 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
app/database/migrations/2015_04_15_151846_update_openid_users_table.php Normal file
View File

@ -0,0 +1,36 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class UpdateOpenidUsersTable extends Migration {
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('openid_users', function($table)
{
$table->bigInteger("external_identifier")->unsigned()->nullable();
$table->unique('external_identifier');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('openid_users', function($table)
{
$table->dropUnique('external_identifier');
$table->dropColumn('external_identifier');
});
}
}

39
app/database/migrations/2015_04_15_152300_update_identifier_on_openid_users_table.php Normal file
View File

@ -0,0 +1,39 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
use auth\User;
class UpdateIdentifierOnOpenidUsersTable extends Migration {
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
//get all users
$users = User::all();
// and update new field external_identifier with member id
foreach($users as $user){
$email = $user->external_id;
$member = Member::where('Email', '=', $email)->first();
if(!is_null($member)){
$user->external_identifier = $member->ID;
$user->save();
}
}
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
//
}
}

32
app/database/migrations/2015_04_15_153123_update__drop_external_id_openid_users_table.php Normal file
View File

@ -0,0 +1,32 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class UpdateDropExternalIdOpenidUsersTable extends Migration {
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('openid_users', function($table)
{
//drop external_id == Member->Email
$table->dropColumn('external_id');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
//
}
}

8
app/database/seeds/TestSeeder.php
View File

@ -305,13 +305,13 @@ class TestSeeder extends Seeder {
// create users and clients ...
User::create(
array(
'identifier'=>'sebastian.marcet',
'external_id'=>'smarcet@gmail.com',
'last_login_date'=>gmdate("Y-m-d H:i:s", time())
'identifier' => 'sebastian.marcet',
'external_identifier' => 13867,
'last_login_date' => gmdate("Y-m-d H:i:s", time())
)
);
$user = User::where('external_id','=','smarcet@gmail.com')->first();
$user = User::where('identifier','=','sebastian.marcet')->first();
OpenIdTrustedSite::create(
array(

7
app/libs/auth/AuthService.php
View File

@ -5,6 +5,7 @@ namespace auth;
use Auth;
use Session;
use utils\services\IAuthService;
use \Member;
class AuthService implements IAuthService
{
@ -72,8 +73,10 @@ class AuthService implements IAuthService
public function getUserByUsername($username)
{
$user = User::where('external_id', '=', $username)->first();
return $user;
$member = Member::where('Email', '=', $username)->first();
if(!is_null($member))
return User::where('external_identifier', '=', $member->ID)->first();
return false;
}
public function getUserById($id)

52
app/libs/auth/CustomAuthProvider.php
View File

@ -56,16 +56,17 @@ class CustomAuthProvider implements UserProviderInterface
try {
//here we do the manuel join between 2 DB, (openid and SS db)
$user = $this->user_repository->getByExternalId($identifier);
$member = $this->member_repository->getByEmail($identifier);
$member = $this->member_repository->get($identifier);
if (!is_null($member) && !is_null($user)) {
$user->setMember($member);
return $user;
}
return null;
} catch (Exception $ex) {
$this->log_service->error($ex);
return null;
}
return null;
}
/**
@ -90,35 +91,36 @@ class CustomAuthProvider implements UserProviderInterface
if (!isset($credentials['username']) || !isset($credentials['password']))
throw new AuthenticationException("invalid crendentials");
$identifier = $credentials['username'];
$password = $credentials['password'];
$user = $user_repository->getByExternalId($identifier);
$email = $credentials['username'];
$password = $credentials['password'];
//get SS member
$member = $member_repository->getByEmail($email);
if (is_null($member)) //member must exists
throw new AuthenticationException(sprintf("member %s does not exists!", $email));
$user = $user_repository->getByExternalId($member->ID);
//check user status...
if (!is_null($user) && ($user->lock || !$user->active)){
Log::warning(sprintf("user %s is on lock state",$identifier));
throw new AuthenticationLockedUserLoginAttempt($identifier,sprintf("user %s is on lock state",$identifier));
Log::warning(sprintf("user %s is on lock state",$email));
throw new AuthenticationLockedUserLoginAttempt($email, sprintf("user %s is on lock state",$email));
}
//get SS member
$member = $member_repository->getByEmail($identifier);
if (is_null($member)) //member must exists
throw new AuthenticationException(sprintf("member %s does not exists!", $identifier));
$valid_password = $member->checkPassword($password);
if(!$valid_password)
throw new AuthenticationInvalidPasswordAttemptException($identifier,sprintf("invalid login attempt for user %s ",$identifier));
throw new AuthenticationInvalidPasswordAttemptException($email, sprintf("invalid login attempt for user %s ", $email));
//if user does not exists, then create it
if (is_null($user)) {
//create user
$user = new User();
$user->external_id = $member->Email;
$user->identifier = $member->Email;
$user->last_login_date = gmdate("Y-m-d H:i:s", time());
$user->external_identifier = $member->ID;
$user->identifier = $member->ID;
$user->last_login_date = gmdate("Y-m-d H:i:s", time());
$user_repository->add($user);
}
@ -162,19 +164,19 @@ class CustomAuthProvider implements UserProviderInterface
{
if (!isset($credentials['username']) || !isset($credentials['password']))
throw new AuthenticationException("invalid crendentials");
try {
$identifier = $credentials['username'];
$password = $credentials['password'];
$user = $this->user_repository->getByExternalId($identifier);
$email = $credentials['username'];
$password = $credentials['password'];
$member = $this->member_repository->getByEmail($email);
if(!$member || !$member->checkPassword($password)) return false;
$user = $this->user_repository->getByExternalId($member->ID);
if (is_null($user) || $user->lock || !$user->active)
return false;
$member = $this->member_repository->getByEmail($identifier);
return !is_null($member) ? $member->checkPassword($password) : false;
} catch (Exception $ex) {
} catch (Exception $ex) {
$this->log_service->error($ex);
return false;
}
return true;
}
/**

101
app/libs/auth/User.php
View File

@ -59,17 +59,20 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
$this->member = $member;
}
private function getAssociatedMember(){
if (is_null($this->member)) {
$this->member = Member::where('ID', '=', $this->external_identifier)->first();
}
return $this->member;
}
/**
* Get the unique identifier for the user.
*
* the one that is saved as session id on vendor/laravel/framework/src/Illuminate/Auth/Guard.php
* @return mixed
*/
public function getAuthIdentifier()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
return $this->external_id;
public function getAuthIdentifier() {
return $this->external_identifier;
}
/**
@ -79,26 +82,20 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
*/
public function getAuthPassword()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Password;
}
public function getIdentifier()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->identifier;
}
public function getEmail()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
return $this->external_id;
$this->getAssociatedMember();
return $this->member->Email;
}
public function getFullName()
@ -108,17 +105,13 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
public function getFirstName()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->FirstName;
}
public function getLastName()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Surname;
}
@ -129,41 +122,31 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
public function getGender()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Gender;
}
public function getCountry()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Country;
}
public function getLanguage()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Locale;
}
public function getTimeZone()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return "";
}
public function getDateOfBirth()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return "";
}
@ -194,25 +177,19 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
public function getBio()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Bio;
}
public function getPic()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
$url = asset('img/generic-profile-photo.png');
$photoId = $this->member->PhotoID;
if (!is_null($photoId) && is_numeric($photoId) && $photoId > 0) {
$photo = MemberPhoto::where('ID', '=', $photoId)->first();
$photo = MemberPhoto::where('ID', '=', $photoId)->first();
if(!is_null($photo)){
$url = $photo->Filename;
$url = $photo->Filename;
}
}
return $url;
@ -228,9 +205,7 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
*/
public function canUseSystemScopes()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
$group = $this->member->groups()->where('code','=',IOAuth2User::OAuth2SystemScopeAdminGroup)->first();
return !is_null($group);
}
@ -241,9 +216,7 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
*/
public function isOAuth2ServerAdmin()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
$group = $this->member->groups()->where('code','=',IOAuth2User::OAuth2ServerAdminGroup)->first();
return !is_null($group);
}
@ -253,42 +226,32 @@ class User extends BaseModelEloquent implements UserInterface, IOpenIdUser, IOAu
*/
public function isOpenstackIdAdmin()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
$group = $this->member->groups()->where('code','=',IOpenIdUser::OpenstackIdServerAdminGroup)->first();
return !is_null($group);
}
public function getStreetAddress()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return sprintf("%s, %s ",$this->member->Address,$this->member->Suburb);
}
public function getRegion()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->State;
}
public function getLocality()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->City;
}
public function getPostalCode()
{
if (is_null($this->member)) {
$this->member = Member::where('Email', '=', $this->external_id)->first();
}
$this->getAssociatedMember();
return $this->member->Postcode;
}

4
app/models/oauth2/Client.php
View File

@ -153,8 +153,8 @@ class Client extends BaseModelEloquent implements IClient {
public function getDeveloperEmail()
{
$user = $this->user()->first();
$email = $user->external_id;
$user = $this->user()->first();
$email = $user->getEmail();
return $email;
}

2
app/repositories/EloquentUserRepository.php
View File

@ -79,7 +79,7 @@ class EloquentUserRepository implements IUserRepository {
*/
public function getByExternalId($external_id)
{
return $this->user->where('external_id', '=', $external_id)->first();
return $this->user->where('external_identifier', '=', $external_id)->first();
}
/**

3
app/services/openid/UserService.php
View File

@ -31,6 +31,7 @@ class UserService implements IUserService
/**
* Associate openid url with given user
* @param IOpenIdUser $user
* @param $proposed_username
* @return bool|IOpenIdUser
@ -40,7 +41,7 @@ class UserService implements IUserService
{
try {
$repository = $this->repository;
if (!is_null($user) && $user->identifier === $user->external_id) {
if (!is_null($user) && $user->identifier === strval($user->external_identifier)) {
$this->tx_service->transaction(function () use ($proposed_username,&$user,&$repository) {
$done = false;

2
app/tests/OAuth2ProtectedApiTest.php
View File

@ -35,7 +35,7 @@ abstract class OAuth2ProtectedApiTest extends OpenStackIDBaseTest {
$this->current_realm = Config::get('app.url');
$user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
$user = User::where('identifier','=','sebastian.marcet')->first();
$this->be($user);

2
app/tests/OAuth2ProtocolTest.php
View File

@ -18,7 +18,7 @@ class OAuth2ProtocolTest extends OpenStackIDBaseTest
parent::prepareForTests();
//Route::enableFilters();
$this->current_realm = Config::get('app.url');
$user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
$user = User::where('identifier','=','sebastian.marcet')->first();
$this->be($user);
Session::start();
}

4
app/tests/OpenIdProtocolTest.php
View File

@ -40,7 +40,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
Route::enableFilters();
$this->current_realm = Config::get('app.url');
$this->user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
$this->user = User::where('identifier','=','sebastian.marcet')->first();
$this->be($this->user);
Session::start();
@ -721,7 +721,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
public function testCheckSetupOAuth2ExtensionSubView(){
//set login info
$user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
$user = User::where('identifier','=','sebastian.marcet')->first();
Auth::login($user);
$scope = array(